Monthly Archives: April 2016

Post navigation

I was carefully applying the sugar frosting onto the mouth-watering blueberry cheesecake to offer it a creamy texture. It was the result of organizing best tips from a minimum of ten recipes on YouTube, when suddenly I heard a yell- “Mom!”

I left everything as is (leading to extra frosting spilling over the cake) and rushed out to the dining room to see that my dear daughter was checking her e-mails on her laptop. I see everything was ok with the child so heaving a sigh of relief, asked her, “What is it dear? Any unexpected news? You did scream at the top of your lungs to call me out here?”

“Look at my inbox, Mom! I have 50 unread mails, 50… from XYZ bank!”

One look at the inbox and yes, it was indeed strange, or rather this is SPAM- I thought out loud.

My daughter continued, “This one here says the first 50 people to fill up the attached form stand a chance of winning a prepaid credit card of Rs 50,000!! Shall I click and check? I won’t share any personal details, promise.”

“Woah! Don’t even go there little lady. Just think, why should anyone give away such gifts? What do I always tell you?”

The little lady timidly replies, “That there are no free lunches. So I will mark all these unsolicited mails as junk and delete them.”

And then, I just remembered that my excellent blueberry cheesecake is now ruined due to this trail of spam mails.

Like I said earlier, we all have been there. Unsolicited and often suspicious mails pop up in our mail boxes and this is something all parents want to help their kids out with but we too may be unsure whether the mail is genuine or intended to steal our personal data online. Fear not! Here’s a quick refresher on spam so that you and your children can all stay safe online.

Question no. 1:What is ‘Spam’?

According to Intel Security, “Spam is an email message sent to multiple recipients who did not ask to receive it. Email messages are not considered spam if a user has signed up to receive them or if they come from a trusted source.”

Question no. 2: Why do people send spam?

Well, it could be for any of these reasons:

To sell products

To phish for information with an intent to exploit

Send malware

To lure people to inappropriate sites

Question no. 3: What are the most popular types of scams or frauds initiated via spam mails:

Employment offers, especially the work from home types

Lottery, remittance of large sums from abroad or quick money-making

Mails purportedly from your bank, other financial institutions and government authorities directing you to other sites or asking you to download attachments to verify details

Dating site scams wherein unsuspecting users are emotionally blackmailed to part with money

E-tailer scams: mails from online sellers that ask for more money to ship products (usually expensive)

Education offers, especially abroad

The next step is learning to identify possible Spamming techniques by looking out for the following:

Exams are finally over and we are settling into the vacation mood. Hurrah!

And true to your promise, you are now returning smart devices to your kids, and removing internet usage restrictions. Before that, though, you will apply a new scratch guard over the smartphone, painstakingly wipe the dust off the gaming consoles, power up your favorite e-readers, correct? Sort of spring cleaning for the house to add new sparkle and energy to our lives but even more for our digitally enabled devices, isn’t it?

Here’s another thought. Why not use this opportunity to start afresh with our digital lives? Essentially, a scrubbing for all our social media accounts so they become squeaky clean! And while we are at it, let’s also oil the old joints, i.e. tighten up our account security & privacy details online. Better yet, let’s make this a family tradition for young and the old who are young at heart.

Did I just hear you say, “Come again?” Perhaps you are wondering if this is similar to deleting temporary files, running defragmentation and freeing up space on your computing hardware. Well, I am not only recommending a hardware clean-up but also a digital clean-up.

Over the years, we may have signed up for several social media sites, and other online accounts. Gradually however, we limit our activities to a few and ultimately neglect most others. We may be leaving behind a veritable photo-documentary of our life history, dated records, thoughts and actions. Most importantly, with time, the information may not be relevant.

Stay Vigilant:

Be Mindful – unsecured old online profiles are likely to fall prey to trolls, bullies and cyber criminals who may even use your digital identity as a front

Be Future Ready– It is now a known fact that colleges and would-be employers often check social media profiles of candidates to understand their background. Our virtual records might offer a different perspective, one that we may not want to present in certain scenarios

A digital clean-up also frees us of unnecessary worries in the future by eliminating the chance of leaving undesirable digital footprints.

So it’s time to pick up the virtual dusters!

Cut Down: Revisit all content, personal details, pictures, delete or deactivate accounts for sites that you don’t visit any more

Privacy settings: Maximize privacy on all apps, especially for kids. Children may not have usernames that reveal their full names. Sharing of details about birthdays, addresses, even school details should be monitored

Permission: Update the settings for social media accounts so that every time a third party wants access to personal information, you get a notification

Install and update security tools: Do not neglect this step for it is the most vital of all

Two super handy tips that can be used over and above the earlier pointers:

Google Alerts: Set up Google alerts against each family member’s name so that every time their names are mentioned in the virtual space in any context, you would know

Turn on tag notifications for social media accounts: This is to ensure your timeline isn’t filled with undesirable pics

Social media is super exciting but it’s essential to engage with a purpose to have positive effects. Have fun connecting online with new people but do so with the aim of sharing, learning and gaining from such interactions. Remember, appearances and perceptions can change with time for what may look ‘cool’ today may not look so ‘cool’ a decade later. Most importantly, remember that “What goes online, stays online.” That is, unless, you make an attempt to clean up your digital presence.

And always do keep in mind the mantra- STOP. THINK. POST. so that we have a positive surfing experience!

Any mention of stage fright transports us to our schooldays when we had to go up on stage to recite an oh-so-long poem, or act out a part in a play or sing a song. The jitters that came along! Oh yes, we all may have suffered from stage fright to some degree.

But when I talk about Stagefright in this blog it refers to a new cyber threat – a malware that is potentially scarier. In July 2015, security experts discovered several vulnerabilities in the Android operating systems that cybercriminals were targeting with the intent to steal personal data stored on our smartphones. Experts named this group of malicious code “Stagefright,”which is a nickname for the media libraries found in operating systems of our Android smartphones. Intel Security’s Mobile Threat Report for 2016 found that the count of Android-based devices detecting the Stagefright-based exploits has remained steady in Q4 2015.

So how dangerous is Stagefright and why should we be concerned? Well, it allows cybercriminals to remotely execute a code on a user’s phone by sending a specially designed MMS message. All that a cybercriminal requires is the target’s phone number to launch the attack. The attacker can then implant a remote access tool that gives them full access to your device.

This attack could happen while your phone is being charged. This means that the user has no hand in enabling the malicious code on his device, say through clicking on an infected link or downloading a malicious file.

There are even reports about the use of specially designed MP3 & MP4 files used to launch the Stagefright attack. This makes the situation even more pressing here as India has a booming smartphone market and a majority of the smartphone owners rely on the Android ecosystem.

While device manufacturers take note of such macro threats and share regular patches with customers, we must be vigilant every step of the way.

If you are an Android phone user, it is important for you to know the risks that could affect your device and how to protect yourself. So what can you do to keep your device secured and stay safe?

Update your device regularly: enable auto updates, for both the operating system and security tools. Yes, even if it means a 10-minute delay in starting your work because the Android tablet or smartphone needs to install updates and restart. While it may be inconvenient it is a small sacrifice to make for the safety of your personal information online

Secure all devices: All your devices (and not just the Android-based ones) with comprehensive security software from a reputable brand.

Turn off auto open feature: Because MMS-based messages and later, MP3 & MP4 files, were used to introduce the bug it’s wise to keep the auto-open MMS messages feature turned off. Similarly, disable auto-download or opening of files. This will allow you to personally verify authenticity of the source before you open a message or document

Err on the side of caution: It is better that you be suspicious and check files and messages before opening them than to be too trusting and fall prey to a cyberattack.